Heterogeneous computer systems typically require multiple authentication mechanisms. For example, in order to access a particular enterprise application, a user may have to login to their workstation, a network, and finally the application itself. This process is cumbersome since it requires the user to interact with different authentication mechanisms, each of which may require the user to remember a unique user name and password. An additional drawback is that each authentication mechanism may be tightly integrated with the mechanism used to obtain authentication information from the user. This merger of the two mechanisms makes it difficult to integrate new authentication techniques.